CLAIMS 

The invention claimed is: 

1. A system for configuring differentiated services (Diffserv) over multi-protocol 
label switching (MPLS) in a network that includes MPLS tunnels, comprising: 

a policy server that is arranged to configure a customer policy and a mapping 
policy that maps between an experimental (EXP) field and a unique per-hop-behavior 
(PHB), and to deploy the mapping policy and the customer policy to interfaces of devices 
of the network that correspond to the turmels. 

2. The system of claim 1, wherein 

the customer policy comprises a turmel group identifier and turmeling mode. 

3. The system of claim 1, wherein 

the policy server translates the mapping policy into device specific commands, 

and 

deployment is performed by deploying commands to specific devices. 

4. The system of claim 1, wherein 

deployment is such that the interfaces associate with at least one of input roles, 
output roles and MPLS gateways of customer source and destination host groups. 

5. An apparatus for configuring Diffserv over MPLS in a network, comprising: 
a memory; 

a service application residing on the memory. 
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wherein the service application is arranged to configure a customer policy 
that comprises a tunnel group and tunneling mode, the customer policy being 
arranged to have customer traffic mapped into MPLS tuimels, and 

wherein the service application is arranged to configure an EXP-to-PHB 
mapping policy that is arranged to map EXP fields to PHB; 

a central processing facility that is arranged to translate the customer policy and 
mapping policy into device-neutral policy parameters; and 

a policy consumer that is arranged to translate the device-neutral policy 
parameters into device-specific commands, and that is fiirther arranged to deploy the 
device-specific commands to policy targets, such that the customer policy and mapping 
policy are implemented across at least a portion of the network. 

• 6. The apparatus of claim 5, further comprising: 

a user interface that is arranged to receive the customer policy and the mapping 

policy. 

7. The apparatus of claim 5, wherein 

deployment is such that the interfaces associate with at least one of input roles, 
output roles and MPLS gateways of customer source and destination host groups. 

8. The apparatus of claim 5, wherein 

the policy consumer is fiirther arranged to attach the customer policy to the 
corresponding MPLS tunnels and deploy the customer policy to interfaces of the attached 
MPLS tunnels. 

9. The apparatus of claim 5, fiirther comprising: 

a database for storing the device-neutral policy parameters. 
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10. The apparatus of claim 5, wherein 

the service application comprises a tunnel group object that is arranged to create 
the MPLS tunnels by specifying end-point routers and inter-connecting topology. 

11. An apparatus for configuring Diffserv over MPLS in a network, comprising: 
a means for defining a mapping policy that maps between an EXP field and a 

unique PHB; 

a means for maintaining a customer policy; 

a means for translating the mapping policy and customer policy into device- 
specific commands; and 

a means for deploying the device-specific commands to policy targets. 

12. The apparatus of claim 11, wherein 

the customer policy includes information about a tunnel group identifier and a 
tunnel mode. 

13. The apparatus of claim 1 1 , wherein 

deployment is such that the interfaces associate with at least one of input roles, 
output roles and MPLS gateways of customer source and destination host groups. 

14. An article comprising: a storage medium, the storage medium having instructions 
stored thereon, wherein when the instructions are executed by at least one device, they 
result in: 

defining a mapping policy configured to map between an EXP field and a unique 

PHB; 

defining a customer policy that is configured to govern the treatment of individual 
customer traffic; 
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defining a network policy that is configured to define the DifFserv treatment of 
aggregated traffic; 

translating the mapping policy, the network policy and the customer policy into 
device-specific commands; and 

deploying the device-specific commands to policy targets. 

15. The article of claim 14, wherein executing the instructions fiirther results in: 
generating device neutral information associated with the mapping policy, the 

network policy and the customer policy. 

16. The article of claim 15, wherein 

the device specific commands are generated from the device neutral information. 

17. The article of claim 15, wherein executing the instructions further results in: 
storing the device neutral information in a database. 

18. The article of claim 14, wherein 

deployment is such that the interfaces associate with at least one of input roles, 
output roles and MPLS gateways of customer source and destination host groups. 

19. The article of claim 14, wherein 

deploying the mapping policy to the network interfaces fiirther comprises issuing 
new commands to reconfigure a router based on the mapping policy. 

20. The article of claim 14, wherein 

the customer policy includes information about a timnel group identifier and a 
tunnel mode. 
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21. A method for configuring Diffserv over MPLS in a network, comprising: 
defining a mapping policy configured to map between an EXP field and a unique 

PHB; 

defining a customer policy that is configured to govern the treatment of individual 
customer traffic; 

defining a network policy that is configured to define the Diffserv treatment of 
aggregated traffic; 

translating the mapping policy, the network policy and the customer policy into 
device-specific commands; and 

deploying the device-specific commands to policy targets. 

22. The method of claim 2 1 , fiirther comprising: 

generating device neutral information associated with the mapping policy, the 
network policy and the customer policy. 

23. The method of claim 22, wherein 

the device specific commands are generated from the device neutral information. 

24. The method of claim 22, fiirther comprising: 
storing the device neutral information in a database. 

25. The method of claim 2 1 , wherein 

deployment is such that the interfaces associate with at least one of input roles, 
output roles and MPLS gateways of customer source and destination host groups. 

26. The method of claim 2 1 , wherein 
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deploying the mapping policy to the network interfaces further comprises issuing 
new commands to reconfigure a router based on the mapping policy. 

27. The method of claim 21 wherein 

the customer policy includes information about a tuimel group identifier and a 
tunnel mode. 
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